Marriott International says 500M records from the guest reservation database of Starwood Hotels were stolen in a massive data breach dating as far back as 2014
you ruined my credit card, hotels, loyalty program and then your shitty IT means you lost my personal data. Andrea Matwyshyn / @amatwyshyn : “In its quarterly filing dated Nov. 6, Marriott added a warning about security breaches.” <— expect securities class actions if this warning was absent from earlier filings https://twitter.com/... Kevin Beaumont / @gossithedog : This is from 2017. Per @Marriott their breach started in 2014. In this screenshot a remote access trojan inside the Marriott has access to their Cyber Incident Response Team mailbox. https://twitter.com/... Jake Williams / @malwarejake : Real talk about the @marriott announcement. The issue was discovered on September 8th. This wasn't simply an issue of “the logs had evidence on the 8th.” We know this because they changed something on the 10th (see the end of paragraph 1). 1/n http://news.marriott.com/... http://twitter.com/... @ronlieber : Attention all Starwood guests/breach victims: Marriott's instructions re enrolling in their breach protection (which should last longer than the year they are offering btw, ugh) are not clear. Here are some better ones. (THREAD) http://answers.kroll.com/ Maxim Tucker / @maxrtucker : Stayed in a Marriott over the past four years? Hackers probably have pretty much everything they need to steal our identities. A massive 500 MILLION guests affected. Insane. http://answers.kroll.com/ http://twitter.com/... Dave Kennedy / @hackingdave : Starwood/Marriott breach is looking to be massive. 500 million impacted with high potential of credit cards as well. Includes usernames, passwords, DOB, address, sec questions, passport numbers, reservation history, and possibility of credit cards. http://answers.kroll.com/... (1/4) Joseph Cox / @josephfcox : NCSC, defensive arm of GCHQ, statement on Marriott hotel breach that has impacted 500 million customers pic.twitter.com/GbehkjD87V Thomas Brewster / @iblametom : Still awaiting comment from Marriott on this - their statement is causing some concern... https://twitter.com/... Joe Weisenthal / @thestalwart : When I first saw the headlines about the Marriott/Starwood hack, I assumed it was about someone finding a way to hack the points system to get some great deals on hotel rooms. That's how polluted that word hack has become in my mind. Erica Joy / @ericajoy : Jesus fuck, this @Marriott breach. Pwned since 2014 and nobody noticed? CC's and passport numbers in tandem with a whole host of PII for over 300 million people?! Whew.(via: http://t.co/...) http://twitter.com/... Brian Hamilton / @_brian_hamilton : Plus side, this has to be worth at least 10,000 points when you call to complain. http://twitter.com/... Amy Spitalnick / @amyspitalnick : . @NewYorkStateAG Underwood has opened an investigation into the Marriott data breach. Additionally, under New York law, Marriott was required to provide notification to our office upon discovering the breach; they have not done so as of yet. Jeryl Bier / @jerylbier : “Starwood Guest Reservation Database Security Incident” http://answers.kroll.com/ Calling this breach an “incident” seems like an epidemiologists calling the Bubonic Plague in the 1300s an “incident.” David Carroll / @profcarroll : FTC ought to be able fine Marriott 4% of global revenue for this epic negligence*. Oh well. Time to write up another consent decree that won't be enforced.*That would be about $916,000,000 in this case.http://twitter.com/... Jonathan Zittrain / @zittrain : Unknown intruders in your reservations database for four years, slurping info of 500,000,000 distinct hotel guests, is more than a security “incident.” http://twitter.com/... Donna Brazile / @donnabrazile : There goes my savings. http://twitter.com/... Michael Del Moro / @mikedelmoro : Don't worry, the breach only affected the name, address, phone number, email address, passport number, SPG account info, date of birth, gender, arrival/departure info, reservation date, & communication preferences for... 327 million people http://www.nbcnews.com/... David Carroll / @profcarroll : This is why the USA needs a GDPR. http://twitter.com/... Zack Whittaker / @zackwhittaker : I think this is the largest single breach since Yahoo's 500 million data breach. But Marriott isn't affected, as it had an entirely separate system when it bought Starwood Hotels in 2016. Marriott said “unauthorized access” began in 2014. More here: http://techcrunch.com/... http://twitter.com/... Cayle Thompson / @caylethompson : LATEST: Here's the official statement concerning the Marriott Hotels data breach. Up to 500 million guests may be impacted, with hackers getting access to personal data and payment information. The breach goes back to 2014 but was only found in September. http://answers.kroll.com/ http://twitter.com/... Zack Whittaker / @zackwhittaker : Breaking: Starwood Hotels says 500 million guest records stolen in massive data breach, affecting W Hotels, St. Regis, Sheraton, Westin, and more. http://techcrunch.com/...